Date:      Mon, 11 May 1998 02:00:57 -0400 (EDT)
From:      Dennis Tenn <dstenn@fanfic.org>
To:        FreeBSD Questions <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Firewall and talkd
Message-ID:  <Pine.BSF.3.96.980511015635.355I-100000@fanfic.org>
In-Reply-To: <Pine.BSF.3.96.980510041830.436A-100000@fanfic.org>

On Sun, 10 May 1998, Dennis Tenn wrote:

| On Sat, 9 May 1998, Doug White wrote:
| 
| | > I've successfully configured my firewall except now I'd like to allow talk
| | > sessions to and from my computer but all I've done so far has failed.
| | > I've added rules to allow all my other services but talk is still giving
| | > me grief.  I know that talkd uses port 517 but even after I've allowed udp
| | > through this port I get the following errors.  My current firewall option
| | > is set to 'client'.
| | 
| | Try allowing tcp too.
| 
| I did but talk works via udp.  Even with tcp the same results.

I finally figured out my problem.  I had to allow for the traffic to pass
both ways on various ports.  It seems that the rules I added were only
half done.  I'm not sure if I've specified too much in my rules but it
seems to work.  Here is what I've added:

    # Allow talk and ntalk Services
    $fwcmd add pass log udp from ${ip} 30000-65535 to any 517
    $fwcmd add pass log udp from any 30000-65535 to ${ip} 517
    $fwcmd add pass log udp from ${ip} 517 to any 30000-65535
    $fwcmd add pass log udp from any 517 to ${ip} 30000-65535
    $fwcmd add pass log udp from ${ip} 1000-5000 to any 518
    $fwcmd add pass log udp from any 1000-5000 to ${ip} 518
    $fwcmd add pass log udp from ${ip} 518 to any 1000-5000
    $fwcmd add pass log udp from any 518 to ${ip} 1000-5000

As you can see I'm also logging connections via the talk or ntalk ports.
Results seem to indicate that it works since I've been able to
successfully connect to and from a remote machine.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
   Dennis Tenn       *   There will always come a time
   dstenn@fanfic.org   *   When your love will be tested
   ICQ# 1457509          *   Stand tall and rise to the occasion
                           *   For only then will you grow strong.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
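
Added example (not part of the original post and not FreeBSD's own rc.firewall code): a stateless, first-match model of the eight rules in the message above, run over constructed UDP packets to show which rule passes each one. `IP`, the packet addresses and the helpers `in_range` and `match_rule` are assumptions made for illustration; only these eight rules are modelled, not the rest of the 'client' rule set.

```shell
#!/bin/sh
# Added example: stateless, first-match model of the eight talk/ntalk rules.
# IP stands in for ${ip}; all addresses are constructed (RFC 5737 ranges).
IP=192.0.2.10

# in_range PORT LO HI: succeeds when LO <= PORT <= HI
in_range() { [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]; }

# match_rule SRC SPORT DST DPORT
# Prints the position (1-8) of the first rule that passes the UDP packet,
# or "none" when no rule in this set matches it.
match_rule() {
    src=$1 sport=$2 dst=$3 dport=$4
    n=0
    # Table columns: src sport-lo sport-hi dst dport-lo dport-hi (post order)
    while read -r s slo shi d dlo dhi; do
        n=$((n + 1))
        { [ "$s" = any ] || [ "$s" = "$src" ]; } || continue
        { [ "$d" = any ] || [ "$d" = "$dst" ]; } || continue
        in_range "$sport" "$slo" "$shi" || continue
        in_range "$dport" "$dlo" "$dhi" || continue
        echo "$n"
        return 0
    done <<EOF
$IP 30000 65535 any 517 517
any 30000 65535 $IP 517 517
$IP 517 517 any 30000 65535
any 517 517 $IP 30000 65535
$IP 1000 5000 any 518 518
any 1000 5000 $IP 518 518
$IP 518 518 any 1000 5000
any 518 518 $IP 1000 5000
EOF
    echo none
}

# Constructed packets, one per line: src sport dst dport
while read -r p1 p2 p3 p4; do
    echo "$p1:$p2 -> $p3:$p4  rule=$(match_rule "$p1" "$p2" "$p3" "$p4")"
done <<EOF
198.51.100.7 40000 $IP 517
198.51.100.7 20000 $IP 517
198.51.100.7 517 $IP 45000
198.51.100.7 517 $IP 2049
$IP 1024 198.51.100.7 518
EOF
```

Because the rules match on addresses and ports only, the inbound packet from source port 517 to port 45000 is passed by rule 4 whether or not a talk session exists, while a talk request from source port 20000 falls outside the fixed source range and is not passed by this set.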

